Change the sudo permissions for sandbox.

Instead of rm directly we now do a find.

Change the sudo permissions for sandbox.
Instead of rm directly we now do a find.
3d7ed529 · Feanil Patel · bb1e7e16 · 3d7ed529
Commit 3d7ed529 authored Sep 15, 2014 by Feanil Patel
Show whitespace changes
Inline Side-by-side

Showing with 2 additions and 2 deletions

playbooks/roles/edxapp/templates/95-sandbox-sudoer.j2
+2 -2

No files found.
--- a/playbooks/roles/edxapp/templates/95-sandbox-sudoer.j2
+++ b/playbooks/roles/edxapp/templates/95-sandbox-sudoer.j2
 {% if devstack %}
 {{ edxapp_user }} ALL=({{ edxapp_sandbox_user }})  SETENV:NOPASSWD:{{ edxapp_sandbox_venv_dir }}/bin/python
-{{ edxapp_user }} ALL=({{ edxapp_sandbox_user }})  SETENV:NOPASSWD:/bin/rm /tmp/codejail-*/tmp
+{{ edxapp_user }} ALL=({{ edxapp_sandbox_user }})  SETENV:NOPASSWD:/usr/bin/find /tmp/codejail-*/tmp -mindepth 1 -maxdepth 1 -exec rm -rf {} ;
 {{ edxapp_user }} ALL=(ALL) NOPASSWD:/bin/kill
 {{ edxapp_user }} ALL=(ALL) NOPASSWD:/usr/bin/pkill
 {% else %}
 {{ common_web_user }} ALL=({{ edxapp_sandbox_user }})  SETENV:NOPASSWD:{{ edxapp_sandbox_venv_dir }}/bin/python
-{{ common_web_user }} ALL=({{ edxapp_sandbox_user }})  SETENV:NOPASSWD:/bin/rm /tmp/codejail-*/tmp
+{{ common_web_user }} ALL=({{ edxapp_sandbox_user }})  SETENV:NOPASSWD:/usr/bin/find /tmp/codejail-*/tmp -mindepth 1 -maxdepth 1 -exec rm -rf {} ;
 {{ common_web_user }} ALL=(ALL) NOPASSWD:/bin/kill
 {{ common_web_user }} ALL=(ALL) NOPASSWD:/usr/bin/pkill
 {% endif %}